US journalist suffers hack attack via Apple iCloud

iCloud logo Apple's iCloud co-ordinates data across devices but cut one journalist off from his digital life

Related Stories

A US tech journalist was cut off from his entire digital life by attackers who tricked Apple support into re-setting his iCloud account.

The attack wiped Mat Honan's iPad, iPhone and Macbook and let hackers into his Gmail and Twitter accounts.

Mr Honan is recovering his data and regaining control of the accounts with the help of Apple and Google.

Commentators said the attack showed up the risk of using cloud-based messaging services.

Locked out

Writing on his blog, Mr Honan said he became aware of the attack when his iPhone went dead and then returned to the set-up screen. Initially he assumed it was just a software error and went to connect it to this Macbook Air to restore the data.

His suspicions became aroused when the laptop started and asked him for a PIN even though he had never created one on that device. He turned to his iPad and found that too had been reset.

Mr Honan then called Apple support using his wife's iPhone and used her laptop to sign into Gmail. The password for this had been changed and the backup sent to his iCloud account - to which he no longer had access.

Start Quote

We just have to keep on trusting our providers to keep us safe”

End Quote Derrick Harris GigaOm

It was this attack, said Mr Honan, that produced the rude messages that briefly appeared on the Twitter account of Gizmodo - Mr Honan's employer. The attackers got access to this account because it was linked to his personal Twitter feed.

Mr Honan has been able to find out exactly what happened because one of his attackers, a member of a hacking group called Clan Vv3, got in touch and told him how they did it.

The hackers called Apple technical support and used "social engineering" techniques to convince staff that they were Mr Honan and that the account needed to be re-set.

Via Gizmodo, Mr Honan has been in touch with contacts at Apple, Google and Twitter who have helped restore access to his accounts. He said Apple was investigating the incident to see how to prevent future attacks.

Derrick Harris at tech news site GigaOm said the attack highlighted some "hard truths" about cloud-based services.

Mr Harris said consumers gave up control over their digital lives when they signed for iCloud or similar services. The iCloud service co-ordinates everything a customer does on one Apple device to make it available on all their Apple devices.

"If we want to be part of it, we just have to keep on trusting our providers to keep us safe," he said.

More on This Story

Related Stories

The BBC is not responsible for the content of external Internet sites

More Technology stories

RSS

Features

BBC © 2014 The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.